• State Suggested Answer
  • Replies 3 replies
  • Answers 1 answer
  • Subscribers 12 subscribers
  • Views 613 views
  • Users 0 members are here
Options
Related

DNS name server requirements according to System platform 2023 deployment guide.

Jakob Agustsson

Hi,

we are starting the process of updating to 2023 version.  This requires coordination with our client's IT department, we are referring them to the DNS requirements in the newly released deployment guide from AVEVA.  

There is a requirement for all nodes being able to communicate with each other by using both IP adress and node name. The IT department are asking us why there is requirement for all nodes to be able to communicate by using BOTH IP address and Node Name? Is there a more detailed explanation for this or is it just something that "may" result in problems.

Thank you kindly for any help you can provide.

Deployment guide, page 77.

Configure IP addressing
Make sure the DNS server is properly configured. All nodes in your Galaxy must be able to communicate with
each other by using both IP address and Node Name, as configured in the Network Address option of the
WinPlatform object.
If PCs in the Galaxy are using fixed IP addresses, then create a hosts file with the host name to IP Address
mapping.
WinPlatform connection problems may result if computers cannot be accessed by both Hostname and IP
address.
This is true no matter which type of Network Address you choose to use.
For example, assume two nodes in your Galaxy (host name: NodeA, IP address: 10.2.69.1; host name: NodeB, IP
address: 10.2.69.2). NodeA must be able to ping NodeB with both "NodeB" and "10.2.69.2".
The reverse must also be true for NodeB pinging NodeA. Failure in either case, may result in the following: you
may not be able to connect to a remote Galaxy Repository node from the IDE or deployment operations may fail.

Parents
  • 0

      ,

    Sorry for such a delayed reply.

    I believe that the main reason for the DNS requirements is the certificate that is essential for encrypted communications between nodes in an AVEVA system. It is worth mentioning that a certificate is bound with a hostname (node name) not its IP addresses. One machine can have multiple NICs. For example, a server machine has two NICs, one NIC gets registered in a DNS server for an HMI/SCADA network and the other for PLC network that should not get registered in the DNS server. 

    In general, communications between nodes are based in IP addresses and ports in TCP/IP. When you use a hostname in your system, a node in the system will send a query to the DNS server at runtime to request a server machine's IP addresses and use one of IPs for communication with the server. In the example above, if the NIC for the PLC network also gets registered in DNS server, the node may end up using the IP address for the PCS network and fail to establish the communication with the server. Note that the certificate-based encryption in communication is running on top of TCP/IP.

    If you use a workgroup not domain for your system, you need to add the static IP address of each node to its host file. For using a static IP address in a node in domain, your IT department should reserve the IP address for this node in the DNS table.

    I hope that I have answered your questions.

    Regards,

    jacky

  • 0 in reply to Jacky Lang

    Hi Jacky, thank you so much for your reply, I am really in need of a further discussion regarding the system upgrade in general. Would it be ok to continue this thread as i go along with the upgrade?, if issues come up.

    This answer was certainly helpful, and no worries about the late reply.

Reply Children
© 2024 AVEVA Group Limited or its subsidiaries. All Rights Reserved.